Struct: s3crypto.Envelope

import "../ibm-cos-sdk-go/service/s3/s3crypto"

Overview

Envelope encryption starts off by generating a random symmetric key using AES GCM. The SDK generates a random IV based off the encryption cipher chosen. The master key that was provided, whether by the user or KMS, will be used to encrypt the randomly generated symmetric key and base64 encode the iv. This will allow for decryption of that same data later.

Implemented Interfaces

s3crypto.Cipher, s3manager.ReadSeekerWriteTo, s3manager.WriterReadFrom

Structure Field Summary collapse

Method Summary collapse

Structure Field Details

CEKAlg string `json:"x-amz-cek-alg"`

CipherKey string `json:"x-amz-key-v2"`

CipherKey is the randomly generated cipher key.

IV string `json:"x-amz-iv"`

IV is the randomly generated IV base64 encoded.

MatDesc string `json:"x-amz-matdesc"`

MaterialDesc is a description to distinguish from other envelopes.

TagLen string `json:"x-amz-tag-len"`

UnencryptedContentLen string `json:"x-amz-unencrypted-content-length"`

UnencryptedMD5 string `json:"-"`

Deprecated: This MD5 hash is no longer populated

WrapAlg string `json:"x-amz-wrap-alg"`

Method Details

func (e *Envelope) UnmarshalJSON(value []byte) error

UnmarshalJSON unmarshalls the given JSON bytes into Envelope



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
// File 'service/s3/s3crypto/envelope.go', line 48

func (e *Envelope) UnmarshalJSON(value []byte) error { type StrictEnvelope Envelope type LaxEnvelope struct { StrictEnvelope TagLen json.RawMessage `json:"x-amz-tag-len"` UnencryptedContentLen json.RawMessage `json:"x-amz-unencrypted-content-length"` } inner := LaxEnvelope{} err := json.Unmarshal(value, &inner) if err != nil { return err } *e = Envelope(inner.StrictEnvelope) e.TagLen, err = getJSONNumberAsString(inner.TagLen) if err != nil { return fmt.Errorf("failed to parse tag length: %v", err) } e.UnencryptedContentLen, err = getJSONNumberAsString(inner.UnencryptedContentLen) if err != nil { return fmt.Errorf("failed to parse unencrypted content length: %v", err) } return nil }